Juniper patches Critical and High severity vulnerabilities in Junos OS, Contrail Networking, Northstar Controller products (July 2022)

Juniper Networks has released security advisories to fix many vulnerabilities on Junos OS and multiple other products.

An attacker could exploit these vulnerabilities and potentially take over impacted systems.

Juniper released the following security advisories on July 13 and July 14, 2022:

  1. Junos Space: Multiple vulnerabilities resolved in 22.1R1 release
  2. Contrail Networking: Multiple vulnerabilities resolved in Contrail Networking 21.4
  3. Junos OS and Junos OS Evolved: /var/run/.env files are potentially not deleted during termination of a gRPC connection causing inode exhaustion (CVE-2022-22215)
  4. Junos OS and Junos OS Evolved: Denial of Service (DoS) vulnerability in RPD upon receipt of specific BGP update (CVE-2022-22213)
  5. Junos OS and Junos OS Evolved: In an MPLS scenario upon receipt of a specific IPv6 packet an FPC will crash (CVE-2022-22214)
  6. Junos OS and Junos OS Evolved: Multiple vulnerabilities in SQLite resolved
  7. Junos OS Evolved: A high rate of specific hostbound traffic will cause unexpected hostbound traffic delays or drops (CVE-2022-22212)
  8. Junos OS: EX4600 Series and QFX5000 Series: Receipt of specific traffic will lead to an fxpc process crash followed by an FPC reboot (CVE-2022-22203)
  9. Junos OS: MX Series and SRX Series: When receiving a specific SIP packets stale call table entries are created which eventually leads to a DoS for all SIP traffic (CVE-2022-22204)
  10. Junos OS: MX Series with MPC11: In a GNF / node slicing scenario gathering AF interface statistics can lead to a kernel crash (CVE-2022-22207)
  11. Junos OS: OpenSSL security fixes
  12. Junos OS: PTX Series and QFX10000 Series: ‘Etherleak’ memory disclosure in Ethernet padding data (CVE-2022-22216)
  13. Junos OS: PTX Series: FPCs may restart unexpectedly upon receipt of specific MPLS packets with certain multi-unit interface configurations (CVE-2022-22202)
  14. Junos OS: QFX10K Series: Denial of Service (DoS) upon receipt of crafted MLD packets on multi-homing ESI in VXLAN (CVE-2022-22217)
  15. Junos OS: QFX5000 Series and MX Series: An l2alm crash leading to an FPC crash can be observed in VxLAN scenario (CVE-2022-22210)
  16. Junos OS: RIB and PFEs can get out of sync due to a memory leak caused by interface flaps or route churn (CVE-2022-22209)
  17. Junos OS: SRX and EX Series: Local privilege escalation flaw in “download” functionality (CVE-2022-22221)
  18. Junos OS: SRX Series: An FPC memory leak can occur in an APBR scenario (CVE-2022-22205)
  19. Junos OS: SRX series: The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search (CVE-2022-22206)
  20. Junos Space: Security Director Policy Enforcer upgraded to CentOS 7.9
  21. Northstar Controller: nginx component allows remote attacker to cause worker process crash or potentially, arbitrary code execution (CVE-2021-23017).

Northstar Controller

Of special note, the Northstar Controller vulnerability (CVE-2021-23017) is rated Critical (CVSS 9.4).

“An Off-by-one Error vulnerability in the nginx [engine x] resolver as used in Juniper Networks NorthStar Controller allows an unauthenticated remote attacker who is able to forge UDP packets from the DNS server to cause a 1-byte memory overwrite, resulting in worker process crash or potentially, arbitrary code execution. nginx as used in NorthStar Controller was upgraded from 1.18.0 to 1.20.1,” Juniper explained in the advisory.

Contrail Networking

Moreover, Juniper also addressed multiple Critical Contrail Networking vulnerabilities that impact all versions of Juniper Networks Contrail Networking prior to 21.4.0.

“Multiple vulnerabilities in third party software used in Juniper Networks Contrail Networking have been resolved in release 21.4.0 by upgrading the Open Container Initiative (OCI)-compliant Red Hat Universal Base Image (UBI) container image from Red Hat Enterprise Linux 7 to Red Hat Enterprise Linux 8,” Juniper noted in the advisory.

Junos

Finally, six of the Junos advisories are rated High severity: OpenSSL (multiple), CVE-2022-22221, CVE-2022-22205, CVE-2022-22207, CVE-2022-22212, CVE-2022-22209, and CVE-2022-22206.

The remaining security advisories affect Junos products and are rated Medium severity.

Related Articles